version 0.12.4

see #173

.gitignore

@@ -18,3 +18,5 @@ site
 **/.vite
 
 **/*.snap.new
+
+**/*.drawio

Cargo.lock

@@ -567,18 +567,18 @@ checksum = "b35204fbdc0b3f4446b89fc1ac2cf84a8a68971995d0bf2e925ec7cd960f9cb3"
 
 [[package]]
 name = "caldata"
-version = "0.14.0"
+version = "0.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f36de4a8034d98c95e7fe874b828272d823cfbd68e9571fe7bf6c419e852cbe2"
+checksum = "e18d0b0cbc271e44b6f0dc262c9469f10f10f8af3fa00c3ebcc10e49ac91d478"
 dependencies = [
  "chrono",
  "chrono-tz",
  "derive_more",
  "itertools 0.14.0",
  "lazy_static",
+ "log",
  "phf 0.13.1",
  "regex",
- "rrule",
  "thiserror 2.0.18",
  "vtimezones-rs",
 ]
@@ -3169,19 +3169,6 @@ dependencies = [
  "windows-sys 0.59.0",
 ]
 
-[[package]]
-name = "rrule"
-version = "0.14.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "720acfb4980b9d8a6a430f6d7a11933e701ebbeba5eee39cc9d8c5f932aaff74"
-dependencies = [
- "chrono",
- "chrono-tz",
- "log",
- "regex",
- "thiserror 2.0.18",
-]
-
 [[package]]
 name = "rsa"
 version = "0.9.10"
@@ -3309,7 +3296,7 @@ dependencies = [
 
 [[package]]
 name = "rustical"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "anyhow",
  "argon2",
@@ -3344,6 +3331,7 @@ dependencies = [
  "serde",
  "similar-asserts",
  "sqlx",
+ "tempfile",
  "tokio",
  "tokio-util",
  "toml 0.9.11+spec-1.1.0",
@@ -3358,7 +3346,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_caldav"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "async-std",
  "async-trait",
@@ -3400,7 +3388,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_carddav"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "async-trait",
  "axum",
@@ -3434,7 +3422,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_dav"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "async-trait",
  "axum",
@@ -3460,7 +3448,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_dav_push"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "async-trait",
  "axum",
@@ -3485,7 +3473,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_frontend"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "askama",
  "askama_web",
@@ -3521,7 +3509,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_ical"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "axum",
  "caldata",
@@ -3529,7 +3517,6 @@ dependencies = [
  "chrono-tz",
  "derive_more",
  "regex",
- "rrule",
  "rstest",
  "rustical_xml",
  "serde",
@@ -3540,7 +3527,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_oidc"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "async-trait",
  "axum",
@@ -3556,7 +3543,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_store"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "anyhow",
  "async-trait",
@@ -3570,7 +3557,6 @@ dependencies = [
  "headers",
  "http",
  "regex",
- "rrule",
  "rstest",
  "rstest_reuse",
  "rustical_dav",
@@ -3589,7 +3575,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_store_sqlite"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "async-trait",
  "caldata",
@@ -3614,7 +3600,7 @@ dependencies = [
 
 [[package]]
 name = "rustical_xml"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "quick-xml",
  "thiserror 2.0.18",
@@ -5437,7 +5423,7 @@ checksum = "9edde0db4769d2dc68579893f2306b26c6ecfbe0ef499b013d731b7b9247e0b9"
 
 [[package]]
 name = "xml_derive"
-version = "0.12.3"
+version = "0.12.4"
 dependencies = [
  "darling 0.23.0",
  "heck",

Cargo.toml

@@ -2,7 +2,7 @@
 members = ["crates/*"]
 
 [workspace.package]
-version = "0.12.3"
+version = "0.12.4"
 rust-version = "1.92"
 edition = "2024"
 description = "A CalDAV server"
@@ -111,7 +111,7 @@ strum = "0.27"
 strum_macros = "0.27"
 serde_json = { version = "1.0", features = ["raw_value"] }
 sqlx-sqlite = { version = "0.8", features = ["bundled"] }
-caldata = { version = "0.14.0", features = ["chrono-tz", "vtimezones-rs"] }
+caldata = { version = "0.15.0", features = ["chrono-tz", "vtimezones-rs"] }
 toml = "0.9"
 tower = "0.5"
 tower-http = { version = "0.6", features = [
@@ -124,7 +124,6 @@ chrono-tz = "0.10"
 chrono-humanize = "0.2"
 rand = "0.9"
 axum-extra = { version = "0.12", features = ["typed-header"] }
-rrule = "0.14"
 argon2 = "0.5"
 rpassword = "7.4"
 password-hash = { version = "0.5" }
@@ -156,6 +155,7 @@ rstest.workspace = true
 rustical_store_sqlite = { workspace = true, features = ["test"] }
 insta.workspace = true
 similar-asserts.workspace = true
+tempfile = "3.24"
 
 [dependencies]
 rustical_store.workspace = true

crates/caldav/src/calendar/methods/get.rs

@@ -43,28 +43,28 @@ pub async fn route_get<C: CalendarStore, S: SubscriptionStore>(
     if let Some(displayname) = calendar.meta.displayname {
         props.push(ContentLine {
             name: "X-WR-CALNAME".to_owned(),
-            value: Some(displayname),
+            value: displayname,
             params: vec![].into(),
         });
     }
     if let Some(description) = calendar.meta.description {
         props.push(ContentLine {
             name: "X-WR-CALDESC".to_owned(),
-            value: Some(description),
+            value: description,
             params: vec![].into(),
         });
     }
     if let Some(color) = calendar.meta.color {
         props.push(ContentLine {
             name: "X-WR-CALCOLOR".to_owned(),
-            value: Some(color),
+            value: color,
             params: vec![].into(),
         });
     }
     if let Some(timezone_id) = calendar.timezone_id {
         props.push(ContentLine {
             name: "X-WR-TIMEZONE".to_owned(),
-            value: Some(timezone_id),
+            value: timezone_id,
             params: vec![].into(),
         });
     }

crates/caldav/src/calendar/methods/import.rs

@@ -35,16 +35,16 @@ pub async fn route_import<C: CalendarStore, S: SubscriptionStore>(
     // Extract calendar metadata
     let displayname = cal
         .get_property("X-WR-CALNAME")
-        .and_then(|prop| prop.value.clone());
+        .map(|prop| prop.value.clone());
     let description = cal
         .get_property("X-WR-CALDESC")
-        .and_then(|prop| prop.value.clone());
+        .map(|prop| prop.value.clone());
     let color = cal
         .get_property("X-WR-CALCOLOR")
-        .and_then(|prop| prop.value.clone());
+        .map(|prop| prop.value.clone());
     let timezone_id = cal
         .get_property("X-WR-TIMEZONE")
-        .and_then(|prop| prop.value.clone());
+        .map(|prop| prop.value.clone());
     // These properties should not appear in the expanded calendar objects
     cal.remove_property("X-WR-CALNAME");
     cal.remove_property("X-WR-CALDESC");

crates/carddav/src/addressbook/methods/import.rs

@@ -34,7 +34,7 @@ pub async fn route_import<AS: AddressbookStore, S: SubscriptionStore>(
             let mut card_mut = card.mutable();
             card_mut.add_content_line(ContentLine {
                 name: "UID".to_owned(),
-                value: Some(uuid::Uuid::new_v4().to_string()),
+                value: uuid::Uuid::new_v4().to_string(),
                 params: vec![].into(),
             });
             card = card_mut.build(&ParserOptions::default(), None).unwrap();

crates/dav/src/xml/text_match.rs

@@ -129,8 +129,7 @@ impl TextMatchElement {
     }
     #[must_use]
     pub fn match_property(&self, property: &ContentLine) -> bool {
-        let text = property.value.as_deref().unwrap_or("");
-        self.match_text(text)
+        self.match_text(&property.value)
     }
 }
 

crates/ical/Cargo.toml

@@ -17,7 +17,6 @@ derive_more.workspace = true
 rustical_xml.workspace = true
 caldata.workspace = true
 regex.workspace = true
-rrule.workspace = true
 serde.workspace = true
 sha2.workspace = true
 axum.workspace = true

crates/ical/src/address_object.rs

@@ -13,7 +13,7 @@ use caldata::{
         IcalUIDProperty, IcalVERSIONProperty, IcalVersion, VcardANNIVERSARYProperty,
         VcardBDAYProperty, VcardFNProperty,
     },
-    types::{CalDate, PartialDate, Timezone},
+    types::{CalDate, PartialDate, Tz},
 };
 use chrono::{NaiveDate, Utc};
 use sha2::{Digest, Sha256};
@@ -73,7 +73,7 @@ impl AddressObject {
         let Some(dtstart) = NaiveDate::from_ymd_opt(year.unwrap_or(1900), month, day) else {
             return Ok(None);
         };
-        let start_date = CalDate(dtstart, Timezone::Local);
+        let start_date = CalDate(dtstart, Tz::Local);
         let Some(end_date) = start_date.succ_opt() else {
             // start_date is MAX_DATE, this should never happen but FAPP also not raise an error
             return Ok(None);
@@ -90,14 +90,14 @@ impl AddressObject {
                 IcalDTENDProperty(end_date.into(), vec![].into()).into(),
                 IcalUIDProperty(uid, vec![].into()).into(),
                 IcalRRULEProperty(
-                    rrule::RRule::from_str("FREQ=YEARLY").unwrap(),
+                    caldata::rrule::RRule::from_str("FREQ=YEARLY").unwrap(),
                     vec![].into(),
                 )
                 .into(),
                 IcalSUMMARYProperty(summary.clone(), vec![].into()).into(),
                 ContentLine {
                     name: "TRANSP".to_owned(),
-                    value: Some("TRANSPARENT".to_owned()),
+                    value: "TRANSPARENT".to_owned(),
                     ..Default::default()
                 },
             ],
@@ -105,17 +105,17 @@ impl AddressObject {
                 properties: vec![
                     ContentLine {
                         name: "TRIGGER".to_owned(),
-                        value: Some("-PT0M".to_owned()),
+                        value: "-PT0M".to_owned(),
                         params: vec![("VALUE".to_owned(), vec!["DURATION".to_owned()])].into(),
                     },
                     ContentLine {
                         name: "ACTION".to_owned(),
-                        value: Some("DISPLAY".to_owned()),
+                        value: "DISPLAY".to_owned(),
                         ..Default::default()
                     },
                     ContentLine {
                         name: "DESCRIPTION".to_owned(),
-                        value: Some(summary),
+                        value: summary,
                         ..Default::default()
                     },
                 ],

crates/store/Cargo.toml

@@ -27,7 +27,6 @@ rustical_dav.workspace = true
 rustical_ical.workspace = true
 axum.workspace = true
 http.workspace = true
-rrule.workspace = true
 headers.workspace = true
 tower.workspace = true
 futures-core.workspace = true

src/commands/health.rs

@@ -2,7 +2,7 @@ use crate::config::HttpConfig;
 use clap::Parser;
 use http::Method;
 
-#[derive(Parser, Debug)]
+#[derive(Parser, Debug, Default)]
 pub struct HealthArgs {}
 
 /// Healthcheck for running rustical instance

src/commands/mod.rs

@@ -8,7 +8,7 @@ use rustical_frontend::FrontendConfig;
 
 mod health;
 pub mod membership;
-mod principals;
+pub mod principals;
 
 pub use health::{HealthArgs, cmd_health};
 pub use principals::{PrincipalsArgs, cmd_principals};

src/commands/principals.rs

@@ -1,56 +1,49 @@
 use super::membership::MembershipArgs;
 use crate::{config::Config, get_data_stores, membership::cmd_membership};
 use clap::{Parser, Subcommand};
-use figment::{
-    Figment,
-    providers::{Env, Format, Toml},
-};
 use password_hash::{PasswordHasher, SaltString, rand_core::OsRng};
 use rustical_store::auth::{AuthenticationProvider, Principal, PrincipalType};
 
 #[derive(Parser, Debug)]
 pub struct PrincipalsArgs {
-    #[arg(short, long, env, default_value = "/etc/rustical/config.toml")]
-    config_file: String,
-
     #[command(subcommand)]
-    command: Command,
+    pub command: PrincipalsCommand,
 }
 
 #[derive(Parser, Debug)]
-struct CreateArgs {
-    id: String,
+pub struct CreateArgs {
+    pub id: String,
     #[arg(value_enum, short, long)]
-    principal_type: Option<PrincipalType>,
+    pub principal_type: Option<PrincipalType>,
     #[arg(short, long)]
-    name: Option<String>,
+    pub name: Option<String>,
     #[arg(long, help = "Ask for password input")]
-    password: bool,
+    pub password: bool,
 }
 
 #[derive(Parser, Debug)]
-struct RemoveArgs {
-    id: String,
+pub struct RemoveArgs {
+    pub id: String,
 }
 
 #[derive(Parser, Debug)]
-struct EditArgs {
-    id: String,
+pub struct EditArgs {
+    pub id: String,
     #[arg(long, help = "Ask for password input")]
-    password: bool,
+    pub password: bool,
     #[arg(
         long,
         help = "Remove password (If you only want to use OIDC for example)"
     )]
-    remove_password: bool,
+    pub remove_password: bool,
     #[arg(short, long, help = "Change principal displayname")]
-    name: Option<String>,
+    pub name: Option<String>,
     #[arg(value_enum, short, long, help = "Change the principal type")]
-    principal_type: Option<PrincipalType>,
+    pub principal_type: Option<PrincipalType>,
 }
 
 #[derive(Debug, Subcommand)]
-enum Command {
+pub enum PrincipalsCommand {
     List,
     Create(CreateArgs),
     Remove(RemoveArgs),
@@ -59,16 +52,11 @@ enum Command {
 }
 
 #[allow(clippy::missing_errors_doc, clippy::missing_panics_doc)]
-pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
-    let config: Config = Figment::new()
-        .merge(Toml::file(&args.config_file))
-        .merge(Env::prefixed("RUSTICAL_").split("__"))
-        .extract()?;
-
+pub async fn cmd_principals(args: PrincipalsArgs, config: Config) -> anyhow::Result<()> {
     let (_, _, _, principal_store, _) = get_data_stores(true, &config.data_store).await?;
 
     match args.command {
-        Command::List => {
+        PrincipalsCommand::List => {
             for principal in principal_store.get_principals().await? {
                 println!(
                     "{} (displayname={}) [{}]",
@@ -78,7 +66,7 @@ pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
                 );
             }
         }
-        Command::Create(CreateArgs {
+        PrincipalsCommand::Create(CreateArgs {
             id,
             principal_type,
             name,
@@ -112,11 +100,11 @@ pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
                 .await?;
             println!("Principal created");
         }
-        Command::Remove(RemoveArgs { id }) => {
+        PrincipalsCommand::Remove(RemoveArgs { id }) => {
             principal_store.remove_principal(&id).await?;
             println!("Principal {id} removed");
         }
-        Command::Edit(EditArgs {
+        PrincipalsCommand::Edit(EditArgs {
             id,
             remove_password,
             password,
@@ -152,7 +140,7 @@ pub async fn cmd_principals(args: PrincipalsArgs) -> anyhow::Result<()> {
             principal_store.insert_principal(principal, true).await?;
             println!("Principal {id} updated");
         }
-        Command::Membership(args) => {
+        PrincipalsCommand::Membership(args) => {
             cmd_membership(principal_store.as_ref(), args).await?;
         }
     }

src/lib.rs

@@ -110,8 +110,11 @@ pub async fn cmd_default(
     args: Args,
     config: Config,
     start_notifier: Option<Arc<Notify>>,
+    tracing: bool,
 ) -> Result<()> {
-    setup_tracing(&config.tracing);
+    if tracing {
+        setup_tracing(&config.tracing);
+    }
 
     let (addr_store, cal_store, subscription_store, principal_store, update_recv) =
         get_data_stores(!args.no_migrations, &config.data_store).await?;

src/main.rs

@@ -21,14 +21,16 @@ async fn main() -> Result<()> {
 
     match args.command {
         Some(Command::GenConfig(gen_config_args)) => cmd_gen_config(gen_config_args),
-        Some(Command::Principals(principals_args)) => cmd_principals(principals_args).await,
+        Some(Command::Principals(principals_args)) => {
+            cmd_principals(principals_args, parse_config()?).await
+        }
         Some(Command::Health(health_args)) => {
             let config: Config = parse_config()?;
             cmd_health(config.http, health_args).await
         }
         None => {
             let config: Config = parse_config()?;
-            cmd_default(args, config, None).await
+            cmd_default(args, config, None, true).await
         }
     }
 }

tests/common/mod.rs

@@ -3,27 +3,38 @@ use rustical::{
     config::{Config, DataStoreConfig, HttpConfig, SqliteDataStoreConfig},
 };
 use std::{
+    collections::HashSet,
     net::{Ipv4Addr, SocketAddrV4, TcpListener},
-    sync::Arc,
+    sync::{Arc, Mutex, OnceLock},
     thread::{self, JoinHandle},
 };
 use tokio::sync::Notify;
 use tokio_util::sync::CancellationToken;
 
+// When running multiple integration tests we need to make sure that they don't get the same port
+static BOUND_PORTS: OnceLock<Mutex<HashSet<u16>>> = OnceLock::new();
+
 pub fn find_free_port() -> Option<u16> {
+    let bound_ports = BOUND_PORTS.get_or_init(Mutex::default);
+    let mut bound_ports_write = bound_ports.lock().unwrap();
     let mut port = 15000;
     // Frees the socket on drop such that this function returns a free port
-    while TcpListener::bind(SocketAddrV4::new(Ipv4Addr::UNSPECIFIED, port)).is_err() {
+    while TcpListener::bind(SocketAddrV4::new(Ipv4Addr::UNSPECIFIED, port)).is_err()
+        || bound_ports_write.contains(&port)
+    {
         port += 1;
 
         if port >= 16000 {
             return None;
         }
     }
+    bound_ports_write.insert(port);
     Some(port)
 }
 
-pub fn rustical_process() -> (CancellationToken, u16, JoinHandle<()>, Arc<Notify>) {
+pub fn rustical_process(
+    db_url: Option<String>,
+) -> (CancellationToken, u16, JoinHandle<()>, Arc<Notify>) {
     let port = find_free_port().unwrap();
     let token = CancellationToken::new();
     let cloned_token = token.clone();
@@ -41,7 +52,7 @@ pub fn rustical_process() -> (CancellationToken, u16, JoinHandle<()>, Arc<Notify
                 },
                 Config {
                     data_store: DataStoreConfig::Sqlite(SqliteDataStoreConfig {
-                        db_url: ":memory:".to_owned(),
+                        db_url: db_url.unwrap_or(":memory:".to_owned()),
                         run_repairs: true,
                         skip_broken: false,
                     }),
@@ -58,6 +69,7 @@ pub fn rustical_process() -> (CancellationToken, u16, JoinHandle<()>, Arc<Notify
                     caldav: Default::default(),
                 },
                 Some(cloned_start_notify),
+                false,
             )
             .await
         };

tests/http_integration.rs

@@ -1,20 +1,26 @@
 // This integration test checks whether the HTTP server works by actually running rustical in a new
 // thread.
 use common::rustical_process;
-use http::StatusCode;
+use http::{Method, StatusCode};
+use rustical::{
+    PrincipalsArgs, cmd_health, cmd_principals,
+    config::{Config, DataStoreConfig, HttpConfig, SqliteDataStoreConfig},
+    principals::{CreateArgs, PrincipalsCommand},
+};
+use rustical_store::auth::{AuthenticationProvider, PrincipalType};
+use rustical_store_sqlite::{create_db_pool, principal_store::SqlitePrincipalStore};
 use std::time::Duration;
 
 mod common;
 
-pub async fn test_runner<O, F>(inner: F)
+pub async fn test_runner<O, F>(db_path: Option<String>, inner: F)
 where
     O: IntoFuture<Output = ()>,
     // <O as IntoFuture>::IntoFuture: UnwindSafe,
-    F: FnOnce(String) -> O,
+    F: FnOnce(u16) -> O,
 {
     // Start RustiCal process
-    let (token, port, main_process, start_notify) = rustical_process();
-    let origin = format!("http://localhost:{port}");
+    let (token, port, main_process, start_notify) = rustical_process(db_path);
 
     // Wait for RustiCal server to listen
     tokio::time::timeout(Duration::new(2, 0), start_notify.notified())
@@ -23,7 +29,7 @@ where
 
     // We use catch_unwind to make sure we'll always correctly stop RustiCal
     // Otherwise, our process would just run indefinitely
-    inner(origin).into_future().await;
+    inner(port).into_future().await;
 
     // Signal RustiCal to stop
     token.cancel();
@@ -32,13 +38,100 @@ where
 
 #[tokio::test]
 async fn test_ping() {
-    test_runner(async |origin| {
+    test_runner(None, async |port| {
+        let origin = format!("http://localhost:{port}");
         let resp = reqwest::get(origin.clone() + "/ping").await.unwrap();
         assert_eq!(resp.status(), StatusCode::OK);
 
         // Ensure that path normalisation works as intended
         let resp = reqwest::get(origin + "/ping/").await.unwrap();
         assert_eq!(resp.status(), StatusCode::OK);
+
+        cmd_health(
+            HttpConfig {
+                host: "localhost".to_owned(),
+                port,
+                ..Default::default()
+            },
+            Default::default(),
+        )
+        .await
+        .unwrap();
     })
     .await
 }
+
+// When setting a use password from the CLI we effectively have two processes accessing the same
+// database: The server and the CLI.
+// This test ensures that the server correctly picks up the changes made by the CLI.
+#[tokio::test]
+async fn test_initial_setup() {
+    let db_tempfile = tempfile::NamedTempFile::with_suffix(".rustical-test.sqlite3").unwrap();
+    let db_path = db_tempfile.path().to_string_lossy().into_owned();
+
+    test_runner(Some(db_path.clone()), async |port| {
+        let origin = format!("http://localhost:{port}");
+        // Create principal
+        cmd_principals(
+            PrincipalsArgs {
+                command: PrincipalsCommand::Create(CreateArgs {
+                    id: "user".to_owned(),
+                    name: Some("Test User".to_owned()),
+                    password: false,
+                    principal_type: Some(PrincipalType::Individual),
+                }),
+            },
+            Config {
+                data_store: DataStoreConfig::Sqlite(SqliteDataStoreConfig {
+                    db_url: db_path.clone(),
+                    run_repairs: true,
+                    skip_broken: false,
+                }),
+                http: Default::default(),
+                frontend: Default::default(),
+                oidc: None,
+                tracing: Default::default(),
+                dav_push: Default::default(),
+                nextcloud_login: Default::default(),
+                caldav: Default::default(),
+            },
+        )
+        .await
+        .unwrap();
+
+        // Bodge to set password without using command (since that reads stdin)
+        let db = create_db_pool(&db_path, false).await.unwrap();
+        let principal_store = SqlitePrincipalStore::new(db);
+        let app_token = "token";
+        principal_store
+            .add_app_token("user", "Test Token".to_owned(), app_token.to_owned())
+            .await
+            .unwrap();
+
+        let url = origin.clone() + "/caldav/principal/user";
+        let resp = reqwest::Client::new()
+            .request(Method::from_bytes(b"PROPFIND").unwrap(), &url)
+            .send()
+            .await
+            .unwrap();
+        assert_eq!(resp.status(), StatusCode::UNAUTHORIZED);
+
+        let resp = reqwest::Client::new()
+            .request(Method::from_bytes(b"PROPFIND").unwrap(), &url)
+            .basic_auth("user", Some("token"))
+            .send()
+            .await
+            .unwrap();
+        assert_eq!(resp.status(), StatusCode::MULTI_STATUS);
+
+        principal_store.remove_principal("user").await.unwrap();
+
+        let resp = reqwest::Client::new()
+            .request(Method::from_bytes(b"PROPFIND").unwrap(), &url)
+            .send()
+            .await
+            .unwrap();
+        assert_eq!(resp.status(), StatusCode::UNAUTHORIZED);
+    })
+    .await;
+}

tests/integration_tests/caldav/calendar_put.rs

@@ -72,3 +72,53 @@ END:VCALENDAR";
     </error>
     "#);
 }
+
+/// Thunderbird creates VTIMEZONE objects with invalid RRULEs.
+/// While invalid, we still want to accept them since Thunderbird is quite commonly used.
+/// In the future, we might fix invalid timezones ourself.
+#[rstest]
+#[tokio::test]
+async fn test_put_thunderbird(
+    #[from(test_store_context)]
+    #[future]
+    context: TestStoreContext,
+) {
+    let context = context.await;
+    let app = get_app(context.clone());
+
+    let calendar_meta = CalendarMetadata {
+        displayname: Some("Calendar".to_string()),
+        description: Some("Description".to_string()),
+        color: Some("#00FF00".to_string()),
+        order: 0,
+    };
+    let (principal, cal_id) = ("user", "calendar");
+    let url = format!("/caldav/principal/{principal}/{cal_id}");
+
+    let mut request = Request::builder()
+        .method("MKCALENDAR")
+        .uri(&url)
+        .body(Body::from(mkcalendar_template(&calendar_meta)))
+        .unwrap();
+    request
+        .headers_mut()
+        .typed_insert(Authorization::basic("user", "pass"));
+    let response = app.clone().oneshot(request).await.unwrap();
+    assert_eq!(response.status(), StatusCode::CREATED);
+
+    let ical = include_str!("resources/ical_thunderbird.ics");
+
+    let mut request = Request::builder()
+        .method("PUT")
+        .uri(format!("{url}/qwue23489.ics"))
+        .header("If-None-Match", "*")
+        .header("Content-Type", "text/calendar")
+        .body(Body::from(ical))
+        .unwrap();
+    request
+        .headers_mut()
+        .typed_insert(Authorization::basic("user", "pass"));
+
+    let response = app.clone().oneshot(request).await.unwrap();
+    assert_eq!(response.status(), StatusCode::CREATED);
+}

tests/integration_tests/caldav/resources/ical_thunderbird.ics

@@ -0,0 +1,206 @@
+BEGIN:VCALENDAR
+PRODID:-//Mozilla.org/NONSGML Mozilla Calendar V1.1//EN
+VERSION:2.0
+BEGIN:VTIMEZONE
+TZID:Europe/Berlin
+X-TZINFO:Europe/Berlin[2025b]
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+005328
+TZNAME:Europe/Berlin(STD)
+DTSTART:18930401T000000
+RDATE:18930401T000000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19160430T230000
+RDATE:19160430T230000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19161001T010000
+RDATE:19161001T010000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19170416T020000
+RRULE:FREQ=YEARLY;BYMONTH=4;BYDAY=3MO;UNTIL=19180415T020000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19170917T030000
+RRULE:FREQ=YEARLY;BYMONTH=9;BYDAY=3MO;UNTIL=19180916T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19400401T020000
+RDATE:19400401T020000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19421102T030000
+RDATE:19421102T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19430329T020000
+RDATE:19430329T020000
+END:DAYLIGHT
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19440403T020000
+RRULE:FREQ=YEARLY;BYMONTH=4;BYDAY=1MO;UNTIL=19450402T020000
+END:DAYLIGHT
+BEGIN:DAYLIGHT
+TZOFFSETTO:+030000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19450524T020000
+RDATE:19450524T020000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19431004T030000
+RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=1MO;UNTIL=19441002T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+030000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19450924T030000
+RDATE:19450924T030000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19451118T030000
+RDATE:19451118T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19460414T020000
+RDATE:19460414T020000
+END:DAYLIGHT
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19470406T030000
+RDATE:19470406T030000
+END:DAYLIGHT
+BEGIN:DAYLIGHT
+TZOFFSETTO:+030000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19470511T030000
+RDATE:19470511T030000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19461007T030000
+RDATE:19461007T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+030000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19470629T030000
+RDATE:19470629T030000
+END:DAYLIGHT
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19480418T020000
+RDATE:19480418T020000
+END:DAYLIGHT
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19490410T020000
+RDATE:19490410T020000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19471005T030000
+RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=1SU;UNTIL=19491002T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19800406T020000
+RDATE:19800406T020000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19800928T030000
+RRULE:FREQ=YEARLY;BYMONTH=9;BYDAY=-1SU;UNTIL=19950924T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:Europe/Berlin(DST)
+DTSTART:19810329T020000
+RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU;UNTIL=19960331T020000
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:Europe/Berlin(STD)
+DTSTART:19961027T030000
+RDATE:19961027T030000
+END:STANDARD
+BEGIN:DAYLIGHT
+TZOFFSETTO:+020000
+TZOFFSETFROM:+010000
+TZNAME:(DST)
+DTSTART:19970330T020000
+RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU
+END:DAYLIGHT
+BEGIN:STANDARD
+TZOFFSETTO:+010000
+TZOFFSETFROM:+020000
+TZNAME:(STD)
+DTSTART:19971026T030000
+RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU
+END:STANDARD
+END:VTIMEZONE
+BEGIN:VEVENT
+CREATED:20260130T134029Z
+LAST-MODIFIED:20260130T134029Z
+DTSTAMP:20260130T134029Z
+UID:620c612d-2b03-4fcf-97c7-8fecd6e18565
+DTSTART;TZID=Europe/Berlin:20260130T050000
+DTEND;TZID=Europe/Berlin:20260130T070000
+TRANSP:OPAQUE
+END:VEVENT
+END:VCALENDAR